Ql. 


Hello 

A packet that establishes and maintains neighbor adjacencies 

Query 

A packet that is send to neighbors following the loss of a feasible successor 

Reply 

A packet that is sent to inform neighbors of the presence of a feasible successor 

Request 

A packet that is used in route server applications 

update 

A packet that is used to convey reachability of destinations 


Q2. 


Ntp master 

Configures the device as an authoritative time 

Ntp orphan 

Configures the device to simulate the UTC source when time sources are 
inaccessible 

Ntp peer 

Configures the devices to synchronise its time again server 

Ntp refclock 

Configures the devices to synchronise its time again device 

Ntp server 

Configures an external time source 


Q3. What feature can a device use to identify other members of the same IPV6 multicast group on a 
network segment? 

A. MLD 

Q4. Which two statements are true about VPLS? 

A. It relies on flooding to propagate MAC address reachability information 

B. It can carry a single VLAN per VPLS instance 

Q5. Which two options are the two main phases of PPPoE? 

A. Active Discovery Phase 

B. PPP Session Phase 

Q6.Which two route types are advertised by a router with this configuration? 

Router eigrp 1 
Network 10.0.0.0 
Eigrp stub 

A. Summary 

B. Connected 

Q7. Which statement is true about trunking? 

A. DTP is point-to-point protocol 

Q8. With BGP always-compare-MED enabled, which BGP entry is installed in the RIB? 

A. Entry 3 because it has the lowest MED 

Q9. In an MPLS-VPN environment, what is the effect of configuring an identical set of route targets 
for a particular VRF but then configuring a non-identical RD across multiple PE devices? 

A. The route are correctly managed by the control plane, but there are instances where routers 
take up twice as much memory 




Q10. 


Edge device 

Connects sites to an overlay network 

Join interface 

Provides a link to the overlay network 

Internal interface 

Connects VLANs to be extended 

Overlay interface 

Encapsulate layer 2 frames within an IP header 

Site VLAN 

Received local OTV hello messages 

Authoritative edge 
device 

Elected by the OTV to provide loop-free multihoming 


Qll. Which description of infrastructure as a Service is true? 

A. A cloud service that delivers on demand resources like networking & storage 

Q12. Your NetFlow collector is not working due to large amount of traffic entering your network 
which is destined to a single IP address. Which NetFlow feature allows you to collect the top 
source hosts for this traffic on the local router? 

A. Ip flow-top-talkers 

Q13. On which three options can Cisco PfR base its traffic routing? 

A. Load balancing requirements 

B. Network Performance 

C. User-defined link capacity thresholds 

Q12. Which three modes are valid for forming an EtherChannel between the ports of two 
switches? 

A. Active/passive 

B. Active/Active 

C. Auto/desirable 

Q13. Which three session tables does NAT64 maintains? 

A. TCP 

B. UDP 

C. ICMP Query 

Q14. Your network uses an MPLS VPN backbone with OSPF routing between all PE & CE routers and 
on the 10Mb backup links between the CE routers. You notice that data between CE1 & CE3 is 
flowing over the backup links instead of the higher-bandwidth MPLS VPN backbone even when the 
backbone is up. What is the most likely explanation of this behaviour? 

A. The devices are preferentially using intra-area routing 


Q15. 


Label 

Identifies the group of which an IP packet belongs 

Implicit-null 

Instructs the penultimate router to pop the label before forwarding 

Explicit-null 

Instructs the router to keep the label when forwarding 

PHP 

Pops an MPLS label off one hop before its final destination 

FEC 

Groups IP packets so that they are given the same forwarding 
treatment 

Virtual Circuit 

Identifies a Iayer2 MPLS connection from on device to another 






Q16. What is the requirement of BFD static route support? 

A. CEF must be configured on all routers that will carry traffic. 

Q17. Statements about route summarization are true? 

A. EIGRP learned routes are automatically summarized 

B. Routes are automatically summarized to their classful boundary with OSPF 

Q18. Two options are requirements for CoPP? 

A. CEF must be enabled globally 

B. A class map must be configured to identify traffic 

Q19. Which IPv6 tunnelling method allows Flost A to communicate Flost B within the same site? 
A. ISATAP 

Q20. Which trunking configuration between two Cisco switches can cause a security risk? 

A. Configuring different native VLANs on the switches 


Q21. 


Provides dynamic spoke-to-spoke traffic flow 

DMVPN 

Supports multicast traffic natively on private IP networks 

DMVPN 

Operates in normal receive-only & passive mode 

GETVPN 

Supports operations between products from multiple vendors 

GETVPN 

Operates in tunnel & transparent mode 

IPSec 

Uses a peer-to-peer encryption style for point-to-point GRE tunnels 

IPSec 


Q22. 


BGP 

Uses TCP 179 

EIGRP 

Uses IP protocol 88 

ISIS 

Operates without using the IP protocol to carry routing messages 

ODR 

Operates at Layer2 via CDP 

OSPF 

Uses IP protocol 89 

RIP 

Uses UDP520 


Q23. 


Authentication 

Algorithm 

A value that controls the cryptographic mode 

Authentication 

key 

A secret value used when encrypting packets 

Key ID 

A 8-bit unsigned value that controls which SA the receiver uses 

Key Start Accept 

The time at which the OSPF router will begin processing packets from the SA 

Key Start 

Generate 

The time at which the OSPF router will begin using the SA to encrypt packets 

Key Stop Accept 

The time at which the OSPF router will stop processing packets from the SA 

Key Stop 

Generate 

The time at which the OSPF router will stop using the SA to encrypt packets 


Q24. Which option describes a difference between Ansible & Puppet? 
A. Ansible is Python based and Puppet is Ruby based 







Q25. 


Data pattern 

Troubleshoot framing errors & clocking problems 

Set DF bit in IP header 

Identifies the smallest MTU allowed along the path to the 
destination 

Sweep range of sizes 

Identifies non-conforming MTU devices along the path to the 
destination 

Type of service 

Set the QoS 

Validate reply data 

Used to confirm the data received from the destination 


Q26. 


Transport 

Provides a communication path between the client and server 

Messages 

Provides a framing mechanism for encoding RPCs 

Operations 

Defines a set of base protocol operations 

Content 

Holds information on data models & protocol operations 


Q27. Three values are used to generate a unique bridge ID for each VLAN in PVST+? 

A. Spanning-tree MAC address 

B. Switch priority 

C. Extended system ID 

Q28. Which three technologies can be used to implement redundancy for IPv6? 

A. HSRP 

B. GLBP 

C. IPv6 RA 

Q29. Which command address learning on the configures port security on a switch to enable 
permanent MAC interface? 

A. Switchport port-security mac-address sticky 

Q30. When you implement the EIGRP add-paths feature, which configuration can cause routing 
issues on a DMVPN circuit? 

A. Disabling the default variance under the EIGRP process 

Q31. Correct binary equivalent of DSCP value AF41? 

A. 100010 


Q32. 


6-to-4 

A point-to-multipoint tunnel used for intra-site and inter-site communication 

6RD 

A point-to-multipoint tunnelling mechanism using IPV6 prefixes from the ISP IPv6 
address space holding ipv4 addresses 

ISATAP 

A point-to-multipoint tunnel used for intra-site communication only 

IPv4- 

compatible 

A point-to-multipoint tunnel using the ::/96 prefix that is used for intra-site and 
inter-site communication 

GRE 

A point-to-point tunnel used for intra-site and inter-site communication that 
carries a variety of packet types 

Manual 

A point-to-point tunnel used for intra-site and inter-site communication that 
carries only IPv6 packets 




Q33. 


Type 3 

Advertises an internal network or set of networks to routers in other 

areas 

Type 9 

Associates a group of prefixes for transit networks or stub networks 

Type 1 

Indicates whether the routers is part of a virtual link 

Type 2 

Collects link-state information and cost information for the entire 
network 

Type 8 

Provides the link-local address of a router to other routers on the 
same link 

Type 5 

Redistributes external routers 

Type 4 

Enables routers to determine the best path to an external network 


Q34. 


Stateless NAT64 

Performs 1:1 translation 

Stateless NAT64 

Wastes IPv4 addresses 

Stateless NAT64 

Provides end-to-end address transparency 

Stateless NAT64 

Requires IPv6 address assignment that can be translated to IPv4 

Stateful NAT64 

Performs 1:N translation 

Stateful NAT64 

Conserves IPv4 addresses 

Stateful NAT64 

Creates a unique binding for every translation 

Stateful NAT64 

Supports all modes of IPv6 address assignement 


Q35. 


Flow Policy 

Associates a flow monitor and at least one class 

Flow Monitor 

Associates a flow record and a flow exporter 

Flow record 

Attaches to an interface to monitor performance 

Class 

Specifies filtering criteria 

Flow Exporter 

Specifies destination for monitored data 

Service Policy 

Specify the key and nokey fields to monitor 


Q36. Which two statements about DMVPN & NHRP are ture? 

A. NHRP dynamically provides information about the spoke routers to the hub 

B. The hub router uses NHRP to initiate the GRE tunnel with spokes 


Q37. 


Step 1 

Prepare Configuration 

Step 2 

Bring up VSL links 

Step 3 

Run VSLP 

Step 4 

Run RRP 

Step 5 

Inter chassis SSO 

Step 6 

Continue system bootup 


Q38. 


Step 1 

Configure a flow record 

Step 2 

Configure a flow monitor that includes that includes the flow record and flow 
exporter 

Step 3 

Configure a class that describes the filtering criteria 

Step 4 

Configure a policy with at least one performance-monitor type flow monitor 







Step 5 

Associate a performance-monitor type policy with this corresponding 


interface 


Q39. 


Marking 

Associating packets with a QoS model 

Policing 

Determining whether packets are in or out of profile 

Scheduling 

Evaluating configuration and policer information to determine the correct 
treatment for an out-of-profile packet 

Classification 

Evaluating the DSCP or COS values that correspond to a packet's QoS label 

Queuing 

Providing service in accordance with a configured SRR weight 


Q40. 


Query 

A packet that aids fast convergence 

Update 

A packet that confirms reachability 

Hello 

A packet that is used to find neighbors 

ACK 

A packet without content 

Reply 

A unicast message to acknowledge requests 


Q41. 


Peer session templates 

Applies configuration commands to a group of neighbors in all 
address families 

BGP dynamic update 
peer-groups 

Separates updates from configurations, which allows groups to 
belong to different address families 

BGP dynamic neighbors 

Supports the configuration of a group of neighbors by defining a 
prefix range instead of a single neighbor address 

Peer policy templates 

Applies configuration commands to a group of neighbors within 
specific address families 

Peer Groups 

Creates a group of neighbors in the same address-family that share 
the same outbound routing policies 


Q42. 


Tracking option reachability & return code Authentication Failure 

DOWN 

Tracking option reachability & return code Over Threshold 

DOWN 

Tracking option state & return code Format Failure 

DOWN 

Tracking option state & return code Ok 

UP 

Tracking option state & return code Over Threshold 

UP 

Tracking option reachability & return code Ok 

UP 


Q43. 

The diagram represents a data plane packet that has undergone GET VPN encapsulation with time- 
based anti-replay. D & D 


A 

ESP Header 

B 

Metadata 

C 

Payload 

D 

ESP Trailer 






Q44. 


Root port 

The port whose path cost deems it closest to the root bridge 

Designated port 

The port that sends the best BPDUs on its segment 

Alternate port 

A blocked port that receives more useful BPDU from a different bridge 

Backup port 

A blocked port that received more useful BPDU from its own bridge 


Q45. 


The default EIGRP peering method 

Multicast 

Uses the remote keyword in the neighbor statement to form 
peerings 

OTP point-to-point 

Forms a half-mesh topology through peers configured with the 
unicast-listen keyword 

OTP route-reflector 

Uses neighbor statement on a non-passive interface with 
default options 

Unicast 


Q46. 


Level 1-2 

ABR 

DIS 

Designated router 

Level 2 

Internal Backbone 

Level 1 

Totally Stubby internal backbone 


Q47. 


Multiprotocol 
unreachable NLRI 

An optional non transitive attribute used to withdraw a route 

Capability mode 

A value that indicates whether multiprotocol extensions are supported 

Multiprotocol 
reachable NLRI 

An optional non transitive attribute used to advertise a route 

AFI 

A value that indicates a network protocol 

SAFI 

A value that identifies a subtype of network protocol 


Q48. 


Applied in both the inbound and outbound directions 

Traffic Policing 

Drops excess packets when traffic load exceeds the CIR 

Traffic Policing 

May cause excessive TCP retransmissions 

Traffic Policing 

Buffers and queues excess packets when traffic load exceeds the CIR 

Traffic Shaping 

Configures in bits per seconds 

Traffic Shaping 

Minimises TCP retransmissions 

Traffic Shaping 


Q49. 


Dual Stack 

Configures parallel ipv4 and ipv6 network infrastructure and address 

NAT-PT 

Translates traffic between ipv4 & ipv6 address 

ISATAP tunneling 

Uses any ipv6 unicast site address 

6to4 tunneling 

Uses ipv6 site address with in the 2002::/16 prefix 

IPv6 to ipv4 GRE 
tunneling 

Uses standard point-to-point encapsulation 






Q50. 


Neighbor advertisement 

The message a node uses to share its link layer address 

Neighbor redirect 

The message a node uses to notify hosts on the link of a better 
first-hop for a destination 

Neighbor Solicitation 

The message a node uses to discover the link-local addresses of 
other nodes on the link 

Router advertisement 

The message a node uses to share information about its status 
and its local prefixes 

Router Solicitation 

The message a host sends when it starts up requesting local 
routers to transmit information 


Q51. 


It connects IPV6 sites that are separated geographically 

6RD 

It uses to test IPv6 tunnelling before deployment 

6RD 

It encapsulates ipv6 traffic in ipv4 packets 

6to4 

It uses the 2002::/16 prefix 

6to4 

It connects IPV6 sites that are in same geographic locations 

ISATAP 

It uses native IPV6 addresses 

ISATAP 


Q52. 


PADI 

A packet that is sent with the destination_addr set to the broadcast address. 
The packet indicates the type of service requested. 

PADO 

A packet that is sent with the destination_addr set to the unicast address of 
the PPPoE client. The packet contains an offer of the client. 

PADR 

A packet that is sent from the PPPoE client with the destination_addr set to 
the chosen access concentrator. The packet contains a session request from 
the client. 

PADS 

A packet that is sent as confirmation to the client. The packet contains the 
unique PPPoE session ID. 

PADT 

A packet that is to terminate the PPPoE session 


Q53. 


Uses community-string authentication 

SNMPv2c 

Introduced support for the noAuthNoPriv security level 

SNMPv2c 

Introduced expanded error codes 

SNMPv2c 

Supports username authentication 

SNMPv3 

Introduced support for encryption 

SNMPv3 

Supports DES 

SNMPv3 


Q54. When is it useful to disable split horizon on an EIGRP interface? 

A. Disable it when you need to send updates to peers on the interface on which the updates 
were received. 

Q55. Which statement about the BGP scope of the cost community is true? 

A. It is shared with IBGP and confederation peers. 

Q56. Which two statements about IP source guard are true? 

A. It is not supported on private VLANs 

B. It is available only on L2 ports 





Q57. What is the default ISIS interface metric on a Cisco router? 

A. 10 

Q58. Which two statements about VPLS are true? 

A. It uses broadcast replication to transmit Ethernet packets with multicast MAC addresses. 

B. It enables CE devices on different networks to operate as if they were in the same LAN. 

Q59. Which two statements about the CEF glean adjacency type are true? 

A. The adjacency database is used to gather specific prefixes when packets are destined to a 
specific host. 

B. The router FIB table maintains a prefix for the subnet instead of individual hosts. 

Q60. Which option describes the purpose of the no ip next-hop-self eigrp configuration line in 
DMVPN deployment? 

A. It preserves the original next-hop value as learned by the spoke routers. 

Q61. Which two statements about SNMP inform requests are true? 

A. For a particular event, an SNMP inform may be sent more than once. 

B. SNMP informs are send to the SNMP manager and acknowledgement. 

Q62. Which three protocols are permitted by IEEE 802.lx port-based authentication before the 
client is successfully authenticated by the RADIUS server? 

A. CDP 

B. STP 

C. EAPOL 

Q63. Which two statements about CEF load balancing are true? 

A. Each hash maps directly to a single entry in adjacency table. 

B. It combines the source and destination IP address to create a hash for each destination. 

Q64. Which value does ISIS use for Partial route computation? 

A. Changed routes 

Q65. Which two statements are true about MLD? 

A. MLD is a sub-protocol of ICMPv6 

B. When a single link supports multiple interfaces, only one interface is required to send MLD 
message. 

Q66. What two statements about the add path support in EIGRP feature are true? 

A. The next-hop-self command should be disabled to prevent interference with the add-paths 
command 

B. It allows a DMVPN hub to advertise as many as five best paths. 

Q67. New authentication options in SNMPv3? 

A. authNoPriv 

B. noAuthNoPriv 



Q68. Three security controls would you take into consideration when implementing IOT capabilities? 

A. Privacy impact statement 

B. Define lifecycle controls for IOT devices 

C. Layered Security Approach. 

Q69. Which feature can you implement to most effectively protect customer traffic in a rate-limited 
WAN Ethernet service? 

A. HCBWFQ 

Q70. What are two requirements of BFD static route support? 

A. CEF must be configured on all routers that will carry traffic. 

Q71. In which way does the Bridge Assurance mechanism modify the default spanning-tree 
behaviour in an effort to prevent bridging loops? 

A. BPDUs are send bidirectional on all active network ports, including blocked & alternate ports 

Q72. On a network with multiple VLANs, which three tasks you must perform to configure IP source 
guard on VLAN50 only? 

A. Configure ip verify source command on the interface 

B. Configure ip dhcp snooping command globally 

C. Configure ip dhcp snoopoing VLAN50 command globally 

Q73. Which protocol does host use to request IPv6 Multicast traffic? 

A. MLD 

Q74. Your network supports numerous devices that reside on different data link segments within the 
same IP Subnet. Which feature can you implement to enable the devices to resolve IP-to-MAC 
address mapping? 

A. Proxy ARP 


Q75. 


Cisco proprietary protocol 

HDLC 

Provides the default encapsulation of packets on serial interfaces 

HDLC 

Supports only synchronous interface 

HDLC 

Uses SLARP to maintain link keepalives 

HDLC 

An open standard 

PPP 

Supports authentication 

PPP 

Uses magic number to identify loopback 

PPP 

Uses LCP to verify link quality 

PPP 


Q76. Which three types of traffic are protected when you implement IPSec within an IPV6-in-IPv4 
tunnel? 

A. IPV6 link-local 

B. IPV6 Unicast 

C. IPV4 Multicast 




Q77. Which three statements about preference of IS-IS are true? 

A. Within each level, a path that supports optional metrics is preferred over a path that 
supports only the default metric 

B. An LI path is preferred over an L2 path 

C. Within each level of metric support, the path with lowest metric is preferred. 

Q78. When you deploy DMVPN, what is the purpose of the command crypto isakmp key ciscotest 
address 0.0.0.0 0.0.0.0? 

A. It is configured on hub to set the pre-shared key for the spoke routers. 

Q79. Which three options are capabilities of queuing & scheduling? 

A. Bandwidth limitation 

B. Policing 

C. Queue buffers 

Q80. Which type of access-list will allow incoming traffic for sessions that originated from within 
your network? 

A. Reflexive ACLs 

Q81. Which mechanism can be used on L2 switches so that only multicast packets with downstream 
receivers are sent on the multicast router-connected ports? 

A. PIM snooping 

Q82. Which statement about MAC authentication bypass is true? 

A. It can initiate after 802.IX authentication times out 
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Q83. Which three values used to generate unique bridge ID for each VLAN in PVST+? 

A. Extended system ID 

B. Switch Priority 

C. Spanning-tree MAC address 
















































Q84. Which feature can mitigate hund management sessions? 

A. The service tcp-keepalives-in & service tcp-keepalives-out command 

Q85. Which two configurations must you perform on a router so that you can use SCP to send 
configuration files to an external server? 

A. Configure the login local command under the VTY lines 

B. Configure the crypto key encrypt rsa command 

Q86. What command can you configure on a router so that traffic generated from the router is 
policy-routes? 

A. ip local policy 

Q87. Which two options are valid ipv6 extension header types? 

A. Mobility 

B. Encapsulating security payload 

Q88. You are configuring R1 & R2 for L2TPv3 tunnelling. Which two additional configurations are 
required to enable R1 & R2 to establish the tunnel. 

Rl# show run 

ip cef 

no ip domain lookup 
pseudowire-class RltoR2 
ip local interface loopback 0 

interface loopback 0 
ip address x.x.x.x 

interface Fl/0 

xconnect z.z.z.z 12 pw-class RloR2 


A. Rl must be configured to encapsulate traffic by using L2TPv3 under the pseudowire-class 
RltoR2 

B. Loopback 0 on Rl must be advertised to R2 

Q89. Which two statements about 6PE are true? 

A. It requires BGP to exchange labelled IPv6 unicast between PE routers 

B. Uses an IPv4-mapped IPv6 address as the IPv4 next-hop on PE router 

Q90. R2 is configured with an IP helper address on GigO/O and it is sharing routers with Rl using 
OSPF. If PCI is configured to request an IP address from DHCP server, which two statements 
correctly describes communication between the devices on the network? 

A. Rl forwards DHCPREQUEST to IP x.x.x.x (this is the helper address) 

B. PCI send DHCPDISCOVER to address 255.255.255.255 (this is the broadcast) 



Q91. Which statement about PMTUD is true? (Path MTU Discovery) 

A. It is used to prevent fragmentation of packets travelling across a smaller MTU link 

Another closest option could be - It is supported by TCP & UDP 

Q92. 



